Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cdiCiVpP4fxINHNCXBqENmAwJYw.roa
File: cdiCiVpP4fxINHNCXBqENmAwJYw.roa (raw, json)
Hash identifier: LeKmGDksf7JAiUFA6DAUfkhJWWmxer6nogHZNNRDsuw=
Subject key identifier: 71:D8:82:89:5A:4F:E1:FC:48:34:73:42:5C:1A:84:36:60:30:25:8C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192DF08140D21C2561D96DF9A6AEED8B369
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cdiCiVpP4fxINHNCXBqENmAwJYw.roa
Signing time: Wed 30 Oct 2024 20:05:01 +0000
ROA not before: Wed 30 Oct 2024 20:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212042
IP address blocks: 31.57.130.0/24 maxlen: 24
31.58.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:df:08:14:0d:21:c2:56:1d:96:df:9a:6a:ee:d8:b3:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 30 20:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d882895a4fe1fc483473425c1a84366030258c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a0:91:ff:05:d7:bb:62:81:18:ec:05:90:42:
fa:ae:bd:e9:16:68:bf:47:32:d7:f6:64:ad:19:9c:
2c:a6:68:84:7a:3f:94:f8:21:2d:4b:43:48:04:2c:
bc:e6:0f:b1:99:01:df:ae:8c:d3:0c:f3:19:55:f5:
82:bd:bb:94:df:e1:61:d0:d9:85:d4:76:48:77:d8:
09:d3:61:a8:49:5f:a6:69:24:7e:2c:b0:a2:3a:56:
3f:df:8c:f3:8d:78:75:d9:b6:3e:28:01:9a:58:73:
49:d0:48:2c:58:75:7a:7a:f0:96:5e:de:6b:28:75:
7f:fd:a0:22:c6:9a:09:0c:a1:da:b9:49:c5:4d:61:
7e:e0:42:92:0c:93:53:3d:94:f2:40:25:a9:df:9b:
0f:94:15:6a:0b:37:58:49:f9:25:7d:3b:9a:a2:9f:
fe:12:84:fc:01:90:b2:82:63:1e:37:61:37:e4:4e:
82:a5:22:c6:74:a6:2c:1d:66:21:46:85:ad:9e:92:
e0:bf:66:c4:70:0b:e6:77:b2:ad:cd:42:e2:b3:bd:
a8:d0:ea:48:12:9a:0c:11:e9:63:8c:30:61:d1:8a:
f8:0c:f1:fc:20:ab:39:2a:b1:71:01:5e:69:37:b7:
8e:f4:cf:13:5b:0d:ea:63:0a:42:df:80:30:9b:c9:
a6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D8:82:89:5A:4F:E1:FC:48:34:73:42:5C:1A:84:36:60:30:25:8C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cdiCiVpP4fxINHNCXBqENmAwJYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.130.0/24
31.58.140.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:fe:28:e2:9d:0b:54:18:88:f0:cd:98:72:6b:b8:47:17:ba:
a9:5a:8e:45:74:b1:de:2a:1c:1b:28:27:32:74:1a:72:08:0b:
25:c7:f2:28:52:b2:c9:08:5b:2a:01:0e:0a:c3:28:14:d1:6a:
bd:13:3e:06:31:32:5b:ce:6a:0a:54:ea:85:89:97:e9:f3:b0:
e4:7d:52:59:2e:76:81:71:32:f4:cc:31:5b:35:28:0a:88:c1:
c9:02:0d:42:dc:1b:c5:3f:04:c7:38:65:9b:04:b5:e4:89:c7:
7c:fc:6f:d4:53:b8:b3:35:f3:a8:74:06:6b:02:37:a8:72:10:
d0:49:ec:28:7f:b0:06:28:19:b0:1b:0f:f2:9c:18:de:ed:b3:
c6:e3:67:d5:9d:0c:81:01:6d:c9:5b:e2:a5:8a:d2:6b:33:8d:
97:cd:3e:e7:1c:50:09:d9:cd:54:31:a2:51:87:69:fd:a8:00:
cb:9f:ba:6e:55:93:3d:bb:05:e9:1a:3a:98:9e:35:4a:fd:5b:
32:d7:10:19:d9:c0:17:90:3f:8b:61:0e:d4:6e:29:68:b2:d8:
ef:67:0e:f3:44:c0:95:94:21:33:bc:c2:40:41:03:67:7e:b9:
59:eb:66:30:bb:cf:fc:aa:fa:7a:88:39:83:dc:df:fe:52:01:
c8:75:c1:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLfCBQNIcJWHZbfmmru2LNpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDMwMjAwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQ4ODI4OTVhNGZlMWZjNDgzNDczNDI1YzFhODQzNjYwMzAyNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaCR/wXXu2KBGOwFkEL6rr3pFmi/
RzLX9mStGZwspmiEej+U+CEtS0NIBCy85g+xmQHfrozTDPMZVfWCvbuU3+Fh0NmF
1HZId9gJ02GoSV+maSR+LLCiOlY/34zzjXh12bY+KAGaWHNJ0EgsWHV6evCWXt5r
KHV//aAixpoJDKHauUnFTWF+4EKSDJNTPZTyQCWp35sPlBVqCzdYSfklfTuaop/+
EoT8AZCygmMeN2E35E6CpSLGdKYsHWYhRoWtnpLgv2bEcAvmd7KtzULis72o0OpI
EpoMEeljjDBh0Yr4DPH8IKs5KrFxAV5pN7eO9M8TWw3qYwpC34Awm8mm6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHHYgolaT+H8SDRzQlwahDZgMCWMMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvY2RpQ2lWcFA0ZnhJTkhOQ1hCcUVObUF3Sll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHzmCAwQA
HzqMMA0GCSqGSIb3DQEBCwUAA4IBAQC7/ijinQtUGIjwzZhya7hHF7qpWo5FdLHe
KhwbKCcydBpyCAslx/IoUrLJCFsqAQ4KwygU0Wq9Ez4GMTJbzmoKVOqFiZfp87Dk
fVJZLnaBcTL0zDFbNSgKiMHJAg1C3BvFPwTHOGWbBLXkicd8/G/UU7izNfOodAZr
AjeochDQSewof7AGKBmwGw/ynBje7bPG42fVnQyBAW3JW+KlitJrM42XzT7nHFAJ
2c1UMaJRh2n9qADLn7puVZM9uwXpGjqYnjVK/Vsy1xAZ2cAXkD+LYQ7Ubilostjv
Zw7zRMCVlCEzvMJAQQNnfrlZ62Ywu8/8qvp6iDmD3N/+UgHIdcER
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:57:54 2024 by rpki-client on console-fra.rpki-client.org